Vulnerability Details CVE-2014-8878
KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.4%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2015/07/16/10
- http://www.securityfocus.com/bid/75986
- https://bugs.kde.org/show_bug.cgi?id=340312
- https://bugzilla.redhat.com/show_bug.cgi?id=1243777
- http://www.openwall.com/lists/oss-security/2015/07/16/10
- http://www.securityfocus.com/bid/75986
- https://bugs.kde.org/show_bug.cgi?id=340312
- https://bugzilla.redhat.com/show_bug.cgi?id=1243777